CN105765912A - Method for acquiring data transmitted in a computer network comprising at least one computer, and data acquisition arrangement - Google Patents


Publication number: CN105765912A
Authority: CN (China)
Prior art keywords: data, computer, detection apparatus, impact, message
Legal status: Pending
Application number: CN201480063367.6A
Other languages: Chinese (zh)
Inventors: 奥利弗·舒尔茨, 马蒂亚斯·塞弗特, 彼得·齐格勒
Current Assignee: SIEMENS Mobile Ltd.
Original Assignee: Siemens AG
Application filed by: Siemens AG

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/16: Implementing security features at a particular protocol layer
    • H04L63/162: Implementing security features at a particular protocol layer at the data link layer
    • H04L63/30: Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
    • H04L63/306: Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Technology Law (AREA)
  • Small-Scale Networks (AREA)
  • Train Traffic Observation, Control, And Security (AREA)
  • Hardware Redundancy (AREA)

Abstract

In order to be able to acquire, without feedback, data transmitted in a computer network (1) comprising at least one computer (2, 3, 4, 5), in a method for acquiring the transmitted data, said data is transmitted to an additional computer (19), the data being retrieved without feedback and being directed to a data acquisition device (22). The invention also relates to a data acquisition arrangement (37) for acquiring data from at least one computer (2, 3, 4, 5) in a computer network (1).

Description

Method for acquiring data transmitted in a computer network comprising at least one computer, and data acquisition arrangement
Background
To diagnose and verify the correct functioning of a computer network that is subject to safety requirements, the data transmitted in the network must be acquired as completely as possible and without feedback. The freedom from feedback (Rückwirkungsfreiheit) must be demonstrable in accordance with the applicable safety regulations. For practical reasons, however, the acquired data must also be as easy as possible to access remotely for diagnosis and inspection.
Summary of the invention
To achieve this object, a method is used for acquiring the data transmitted in a computer network comprising at least one computer, in which the transmitted data is sent to an additional computer and is tapped off without feedback and directed to a data acquisition device.
A major advantage of the method according to the invention is that it can be carried out without feedback on the computer network, so that in particular there is no possibility of injecting data into the network. The data acquisition arrangement can therefore be used in safety-related systems.
In the method according to the invention, the transmitted data can be conveyed to the additional computer in different ways, for example via a radio link.
From a safety standpoint it is considered particularly advantageous if the data is transmitted to the additional computer via a connection line and the data transmitted over that line is received in the data acquisition device, which is connected to the connection line without feedback via a hardware-based tap.
When a feedback-free, hardware-based tap is used for the feedback-free connection, the method can advantageously be carried out in a reliably feedback-free manner. The same applies when a read-only line is used for the feedback-free connection.
The connection is especially reliably feedback-free when both a feedback-free tap and a read-only line are used.
Connecting the data acquisition device via the feedback-free tap and/or the read-only line advantageously ensures that the data acquisition device cannot affect the computer network. In addition, because it is feedback-free, the method offers the advantageous possibility of having a higher-level monitoring system access the acquired data in the data acquisition device electronically.
In the basic version of the method according to the invention, the additional computer serves merely as a data sink, so that the data to be acquired in the computer network is routed to the data acquisition arrangement.
In another advantageous embodiment of the method, the additional computer prompts at least one computer in the safety-related computer network to send data. That is, the additional computer is used here to query one or more computers in the computer network.
The method according to the invention can be carried out in different variants. It is considered particularly advantageous to use a switched Ethernet network, in which the data is transmitted as messages, as the computer network; to use a packet acquisition arrangement as the data acquisition arrangement and a packet acquisition device as the data acquisition device; and to use a feedback-free Ethernet TAP as the hardware-based tap.
In this embodiment the additional computer can be used in different ways. It is considered particularly advantageous if at least one of the computers additionally and autonomously sends the data messages it receives and/or outputs to the additional computer.
It is further considered advantageous if the computers are activated by the additional computer so that they send status data messages and/or diagnostic data messages. Where there are multiple computers, it is again considered particularly advantageous if they send status data messages and/or diagnostic data messages cyclically. This is done, for example, by cyclic queries on the part of the additional computer or by suitable commands that the additional computer sends to at least one of the computers.
In this connection it is also advantageous if the additional computer forwards the queries for the computers' status data messages and/or diagnostic messages to the receiving port of the respective computer.
It is also considered particularly advantageous to carry out the method in a railway safety system, because switched Ethernet networks are increasingly used in such systems. In such railway safety systems, computer data or messages must be acquired without feedback, and only computers, including the additional computer, that have been qualified according to the regulations for this type of application may be used in the interlocking.
The invention is also based on the object of proposing a data acquisition arrangement for a computer network that operates reliably without feedback on the computer network or its computers.
According to the invention, this object is achieved by a data acquisition arrangement for acquiring data of at least one computer in a computer network, wherein the data acquisition arrangement has a single connecting device to the at least one computer of the computer network, comprises an additional computer that is connected to the single connecting device, and has a data acquisition device that is connected to the single connecting device without feedback.
The acquisition arrangement according to the invention accordingly has the same advantages as those described above for the method according to the invention.
The single connecting device can be a radio link. For compliance with safety regulations it is advantageous if the single connecting device is a connection line to which the data acquisition device is connected without feedback via a hardware-based tap.
The feedback-free connection can be implemented in different ways. It has proven advantageous for the hardware-based tap to be a feedback-free tap implemented in hardware, because such taps are available as components.
It is also considered advantageous here if the data acquisition device is connected to the connection line without feedback via the hardware-based tap and a read-only line.
The computer network used with the data acquisition arrangement according to the invention can take different forms. It is considered particularly advantageous if the computer network is a switched Ethernet network in which the data is sent as messages, the data acquisition arrangement is a packet acquisition arrangement, the data acquisition device is a packet acquisition device, and the hardware-based tap is a corresponding Ethernet TAP.
The acquisition arrangement according to the invention can be used particularly advantageously in railway safety systems built as switched Ethernet networks.
Brief description of the drawings
To explain the invention further,
Fig. 1 schematically shows a switched Ethernet network with an embodiment of the packet acquisition arrangement according to the invention, and
Fig. 2 shows a detail view of the network and of the embodiment of the packet acquisition arrangement according to Fig. 1.
Detailed description
Fig. 1 shows a computer network designed as a switched Ethernet network 1, preferably one used in a railway safety system, which contains computers 2, 3, 4 and 5 in the form of safety-relevant components of the railway safety system. Bidirectional communication links exist between computers 2 to 5; they run via a central data line 9 and via network switches that are not shown for the sake of clarity. The network switches are connected to each of computers 2 to 5 via connecting links (Anschlussverbindungen) 10 to 13.
A network switch 15, shown only schematically, is provided on data line 9. A connection line 18 is connected to communication port 16 of network switch 15 and leads to an additional computer 19, which is likewise equipped with an Ethernet network interface in a manner not shown here.
An Ethernet TAP 20 is located in connection line 18. As is known, an Ethernet TAP is a circuit arrangement that provides feedback-free access to the data stream on connection line 18. Ethernet TAP 20 is connected via a read-only line 21 to the packet acquisition device 22 for the messages of computers 2 to 5. In the embodiment shown, packet acquisition device 22 has, in addition to a monitoring computer 23, a storage device 24 for the messages, which is connected downstream of monitoring computer 23.
A higher-level monitoring system (not shown) can access the messages acquired by packet acquisition device 22 via the Internet 25 at packet acquisition device 22, without any resulting feedback on switched Ethernet network 1. This is because Ethernet TAP 20 can monitor the message traffic without feedback and/or packet acquisition device 22 is connected to the Ethernet TAP only via read-only line 21.
Fig. 2 shows switched Ethernet network 1 with computers 2, 3 and 4; elements that correspond to those in Fig. 1 bear the same reference signs. Each computer has a MAC address and is bidirectionally connected to network switch 15. Each of computers 2 to 4 is configured so that the messages it receives or sends are packed, in terms of data, and sent again by that computer as transmitted data to additional computer 19. That is, in each of computers 2 to 4 or 5 a "virtual image" is produced of the messages it has received from the other computers and/or sent to them. Computers 2 to 4 have communication ports 26, 27 and 28 respectively. Ethernet switch 15 is connected to connection line 18 via its communication port 16. Connection line 18 leads to receiving port 30 of additional computer 19. Ethernet TAP 20 is connected to connection line 18.
As Fig. 2 also shows, Ethernet TAP 20 is configured so that in this embodiment messages can only be tapped off. The feedback-free Ethernet TAP is additionally connected to receiving port 35 of packet acquisition device 22 via read-only line 21. From packet acquisition device 22, a connection to the higher-level monitoring system can be established via communication path 36. Additional computer 19, together with connection line 18, Ethernet TAP 20, read-only line 21 and packet acquisition device 22, forms packet acquisition arrangement 37.
The method according to the invention proceeds as follows: if, for example, computer 2 sends a message to computer 4, suitable means ensure that this message is also transmitted to additional computer 19. Because this transmission must take place via connection line 18, the message sent in the network is picked up by feedback-free Ethernet TAP 20 and passed to data acquisition device 22 via read-only line 21. In this way every message sent by a network computer is recorded by the data acquisition device without feedback. In addition, every message received by a computer (for example computer 4) can also be transmitted to additional computer 19 by suitable means and is then likewise recorded by data acquisition arrangement 37.
In another variant, additional computer 19 activates or requests, for example, computer 2 to send, for example, a diagnostic message; the request travels via connection line 18 and network switch 15 along path 40, shown in dashed lines. The message is then transmitted from communication port 26 of this computer via network switch 15 to additional computer 19 along signal path 41, shown in dashed lines. This transmission takes place via connection line 18, so that Ethernet TAP 20 can pick up the message and pass it to monitoring computer 23 via read-only line 21. The latter cannot produce any feedback on switched Ethernet network 1, because read-only line 21 and feedback-free Ethernet TAP 20 lie between packet acquisition device 22 and the network.
Computers 3 and 4 can be prompted in a corresponding way, via further paths 42 and 43, to output for example status information messages, which are then transmitted to additional computer 19 via connection line 18. These messages are also acquired without feedback via Ethernet TAP 20 and packet acquisition device 22.
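The message flow of Fig. 2 as a small model, added here as an illustration and not taken from the patent: each computer packs an image of what it sends and receives into a new frame for additional computer 19, and the TAP on connection line 18 pushes a one-way copy to acquisition device 22, which unpacks it. The packing format (EtherType, direction byte), the MAC addresses and all class names are assumptions, since the patent does not specify them.

```python
import struct
from dataclasses import dataclass, field

# Assumptions (not from the patent): the packing format, EtherTypes and MACs below.
IMAGE_ETHERTYPE = 0x88B5   # IEEE 802 local-experimental EtherType, carries the "virtual image"
APP_ETHERTYPE = 0x88B6     # second local-experimental EtherType, stands in for application traffic
DIR_SENT, DIR_RECEIVED = 0x01, 0x02   # one-byte tag: reporter sent / received the original


def mac(text):
    return bytes.fromhex(text.replace(":", ""))


def eth_frame(dst, src, ethertype, payload):
    return dst + src + struct.pack("!H", ethertype) + payload


def pack_image(collector, reporter, direction, original):
    """Wrap an original frame as the payload of a new frame addressed to computer 19."""
    return eth_frame(collector, reporter, IMAGE_ETHERTYPE, bytes([direction]) + original)


@dataclass
class AcquisitionDevice:
    """Packet acquisition device 22: receive-only, holds no reference to the network."""
    records: list = field(default_factory=list)
    rejected: int = 0

    def receive(self, frame):
        # Minimum: 14-byte outer header + direction byte + 14-byte inner header.
        if len(frame) < 29 or struct.unpack("!H", frame[12:14])[0] != IMAGE_ETHERTYPE:
            self.rejected += 1
            return
        direction, inner = frame[14], frame[15:]
        if direction not in (DIR_SENT, DIR_RECEIVED):
            self.rejected += 1
            return
        self.records.append({"reporter": frame[6:12], "direction": direction,
                             "dst": inner[0:6], "src": inner[6:12], "payload": inner[14:]})


class TappedLine:
    """Connection line 18 with Ethernet TAP 20 and read-only line 21."""
    def __init__(self, port30, read_only_line):
        self.port30, self.read_only_line = port30, read_only_line

    def carry(self, frame):
        self.port30.append(frame)            # delivery to additional computer 19
        self.read_only_line(bytes(frame))    # one-way copy; nothing is returned to the line


class Switch:
    """Network switch 15: forwards by destination MAC, remembers every source it saw."""
    def __init__(self, collector, line):
        self.collector, self.line, self.ports, self.sources_seen = collector, line, {}, set()

    def forward(self, frame):
        dst, src = frame[0:6], frame[6:12]
        self.sources_seen.add(src)
        if dst == self.collector:
            self.line.carry(frame)
        elif dst in self.ports:
            self.ports[dst].on_receive(frame)


class Host:
    """Computer 2..5: mirrors what it sends and receives to the additional computer."""
    def __init__(self, mac_addr, switch, collector):
        self.mac, self.switch, self.collector = mac_addr, switch, collector
        switch.ports[mac_addr] = self

    def send(self, dst, payload):
        frame = eth_frame(dst, self.mac, APP_ETHERTYPE, payload)
        self.switch.forward(frame)
        self.switch.forward(pack_image(self.collector, self.mac, DIR_SENT, frame))

    def on_receive(self, frame):
        self.switch.forward(pack_image(self.collector, self.mac, DIR_RECEIVED, frame))


def run_demo():
    device, port30 = AcquisitionDevice(), []
    collector = mac("02:00:00:00:00:13")                     # constructed MAC for computer 19
    line = TappedLine(port30, device.receive)
    switch = Switch(collector, line)
    c2 = Host(mac("02:00:00:00:00:02"), switch, collector)   # constructed MACs
    c4 = Host(mac("02:00:00:00:00:04"), switch, collector)
    c2.send(c4.mac, b"status ok")                            # constructed message
    line.carry(b"\x00" * 10)                                 # truncated frame: counted, not parsed
    return device, port30, switch, c2, c4


if __name__ == "__main__":
    dev, *_ = run_demo()
    for r in dev.records:
        print(r["reporter"].hex(":"), r["direction"], r["src"].hex(":"), "->", r["dst"].hex(":"), r["payload"])
```

One message from computer 2 to computer 4 yields two records in the device, the sender's image and the receiver's image, while the only source addresses the switch ever sees are those of the two computers.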

Claims (19)

1. A method for acquiring data transmitted in a computer network (1) comprising at least one computer (2, 3, 4, 5), wherein the transmitted data is sent to an additional computer (19), and wherein the data is tapped off without feedback and directed to a data acquisition device (22).
2. The method according to claim 1,
characterized in that
the data is transmitted to the additional computer (19) via a connection line (18), wherein the data transmitted to the additional computer (19) via the connection line (18) is received in the data acquisition device (22), which is connected to the connection line (18) without feedback via a hardware-based tap (20).
3. The method according to claim 2,
characterized in that
a feedback-free, hardware-based tap is used for the feedback-free connection.
4. The method according to claim 2 or 3,
characterized in that
a read-only line (21) is used for the feedback-free connection.
5. The method according to any one of the preceding claims,
characterized in that
the at least one computer (2, 3, 4, 5) additionally and autonomously sends the data it receives and/or outputs to the additional computer (19).
6. The method according to any one of the preceding claims,
characterized in that
the at least one computer is activated by the additional computer to send the data.
7. The method according to claim 6,
characterized in that
the at least one computer is activated by the additional computer so that the at least one computer sends status and/or diagnostic data.
8. The method according to any one of claims 2 to 6,
characterized in that
a switched Ethernet network (1), in which the data is transmitted as messages, is used as the computer network, a packet acquisition arrangement (37) is used as the data acquisition arrangement and a packet acquisition device (22) is used as the data acquisition device, and a feedback-free Ethernet TAP (20) is used as the hardware-based tap.
9. The method according to claim 8,
characterized in that
the at least one computer (2, 3, 4, 5) additionally and autonomously sends the data messages it receives and/or outputs to the additional computer (19).
10. The method according to claim 8 or 9,
characterized in that
the at least one computer is activated by the additional computer so that the at least one computer sends status and/or diagnostic data messages.
11. The method according to claim 10,
characterized in that
when a plurality of computers is present in the computer network, status data messages and/or diagnostic messages are sent cyclically.
12. The method according to claim 10 or 11,
characterized in that
the queries for the status data messages and/or diagnostic messages of the computers are forwarded by the additional computer to the receiving port of the respective computer.
13. The method according to any one of the preceding claims,
characterized in that
the method is carried out in a railway safety system.
14. A data acquisition arrangement (37) for acquiring data of at least one computer (2, 3, 4, 5) in a computer network (1), wherein the data acquisition arrangement (37) has a single connecting device (18) to the at least one computer (2, 3, 4, 5) of the computer network (1),
the data acquisition arrangement (37) comprises an additional computer (19) that is connected to the single connecting device (18), and the data acquisition arrangement (37) has a data acquisition device (22) that is connected to the single connecting device (18) without feedback.
15. The data acquisition arrangement according to claim 14,
characterized in that
the single connecting device is a connection line (18), and the data acquisition device (22) is connected to the connection line without feedback via a hardware-based tap.
16. The data acquisition arrangement according to claim 15,
characterized in that
the hardware-based tap is a feedback-free tap implemented in hardware.
17. The data acquisition arrangement according to claim 14 or 15,
characterized in that
the data acquisition device (22) is connected to the connection line (18) without feedback via the hardware-based tap (20) and a read-only line (21).
18. The data acquisition arrangement according to any one of claims 15 to 17,
characterized in that
the computer network is a switched Ethernet network (1) in which the data is sent as messages, the data acquisition arrangement is a packet acquisition arrangement (17) and the data acquisition device is a packet acquisition device (22), and the hardware-based tap is an Ethernet TAP (20).
19. The data acquisition arrangement according to any one of claims 14 to 18,
characterized in that
the data acquisition arrangement (37) is used in a railway safety system built as a switched Ethernet network.
CN201480063367.6A 2013-11-19 2014-11-07 Method for acquiring data transmitted in a computer network comprising at least one computer, and data acquisition arrangement Pending CN105765912A (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE102013223548.8 2013-11-19
DE102013223548.8A DE102013223548A1 (en) 2013-11-19 2013-11-19 Method for detecting data and data acquisition arrangement transmitted in a computer network with at least one computer
PCT/EP2014/074023 WO2015074896A1 (en) 2013-11-19 2014-11-07 Method for acquiring data transmitted in a computer network comprising at least one computer, and data acquisition arrangement

Publications (1)

Publication Number Publication Date
CN105765912A true CN105765912A (en) 2016-07-13

Family ID: 51945839

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201480063367.6A Pending CN105765912A (en) 2013-11-19 2014-11-07 Method for acquiring data transmitted in a computer network comprising at least one computer, and data acquisition arrangement

Country Status (6)

Country Link
EP (1) EP3047610B1 (en)
CN (1) CN105765912A (en)
DE (1) DE102013223548A1 (en)
DK (1) DK3047610T3 (en)
ES (1) ES2689320T3 (en)
WO (1) WO2015074896A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102016115264A1 (en) * 2016-08-17 2018-02-22 Knorr-Bremse Systeme für Schienenfahrzeuge GmbH Ethernet network

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1130850A2 (en) * 2000-03-01 2001-09-05 Tektronix, Inc. Non-intrusive measurement of end-to-end network properties
EP1511220A2 (en) * 2003-08-29 2005-03-02 Agilent Technologies, Inc. Non-intrusive method for routing policy discovery
US6898632B2 (en) * 2003-03-31 2005-05-24 Finisar Corporation Network security tap for use with intrusion detection system
GB2424540A (en) * 2005-03-24 2006-09-27 Agilent Technologies Inc Network tap device
CN101039221A (en) * 2007-04-27 2007-09-19 华为技术有限公司 Method for detecting fault and network equipment and network system
US20090138427A1 (en) * 2007-11-27 2009-05-28 Umber Systems Method and apparatus for storing data on application-level activity and other user information to enable real-time multi-dimensional reporting about user of a mobile data network

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CH684853A5 (en) * 1993-02-04 1995-01-13 Alcatel Str Ag Process for extracting data on a two-wire telephone with digital traffic.
US5627819A (en) * 1995-01-09 1997-05-06 Cabletron Systems, Inc. Use of multipoint connection services to establish call-tapping points in a switched network
US20040120259A1 (en) * 2002-12-20 2004-06-24 Stewart Jones Passive network tap device
US7690040B2 (en) * 2004-03-10 2010-03-30 Enterasys Networks, Inc. Method for network traffic mirroring with data privacy
US7460484B2 (en) * 2004-09-07 2008-12-02 Alcatel Lucent Lawful intercept of traffic connections
US20060164998A1 (en) * 2005-01-26 2006-07-27 Broadcom Corporation System and method for detecting added network connections including wiretaps
US8711713B2 (en) * 2007-09-24 2014-04-29 Ciena Corporation Systems and methods for flow mirroring with network-scoped connection-oriented sink
US8488466B2 (en) * 2009-12-16 2013-07-16 Vss Monitoring, Inc. Systems, methods, and apparatus for detecting a pattern within a data packet and detecting data packets related to a data packet including a detected pattern
DE102012216689B4 (en) * 2012-09-18 2017-05-04 Continental Automotive Gmbh Method for monitoring an Ethernet-based communication network in a motor vehicle

Also Published As

Publication number Publication date
DK3047610T3 (en) 2018-10-08
ES2689320T3 (en) 2018-11-13
WO2015074896A1 (en) 2015-05-28
DE102013223548A1 (en) 2015-05-21
EP3047610B1 (en) 2018-07-18
EP3047610A1 (en) 2016-07-27

Similar Documents

Publication Publication Date Title
CN105025058B (en) Vehicle remote diagnosis method, remote vehicle monitoring method and car-mounted terminal
CN205068381U (en) A secure computer platform for track traffic
JP2017112594A5 (en)
US10069709B2 (en) Communication apparatus and vehicle transmission system
CN107852415B (en) Method and device for the reaction-free transmission of data between networks
CN103138988B (en) Positioning treatment method and positioning treatment device of network faults
CN108769076B (en) Data acquisition system, method and device with network isolation function
CN102970279B (en) Adaptive communication system of automobile electronic device based on serial ports
CN102407856A (en) Hot backup redundancy method and hot backup redundancy system of train central control unit
CN105323080B (en) A kind of link backup, power supply backup method, apparatus and system
CN109644189A (en) Data/address bus protects device and method
CN102740449B (en) Vehicle-mounted wireless transmission system of CTCS-3 level train control system using GSM-R network
CN208227042U (en) A kind of real-time automatic fault warning device of server
CN102594643A (en) Method, device and system for controlling bus communication of controller area network
CN103096038B (en) The method for supervising of the fusion video monitoring system of multi-protocol video watch-dog access
CN103905467A (en) Efficient and safe image data network one-way physical channel importing system and application thereof
CN104317219B (en) A kind of locomotive vehicle-mounted terminal positioned based on the Big Dipper
CN105637811A (en) Semantic deduplication
CN206100062U (en) Based on incessant communication device of car networking systems real -time data
CN105765912A (en) Method for acquiring data transmitted in a computer network comprising at least one computer, and data acquisition arrangement
CN111149105B (en) Method and device for immediate and non-reactive transmission of log messages
KR101550102B1 (en) Automatic meter reading system
CN105629913A (en) Railway machine room signal power supply and environment monitoring system
KR101686895B1 (en) Apparatus for safety data acquisition of train system
CN101316202B (en) On-line diagnosis method and system of embedded software, embedded software device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20190304

Address after: Munich, Germany

Applicant after: SIEMENS Mobile Ltd.

Address before: Munich, Germany

Applicant before: Siemens AG

CB02 Change of applicant information

Address after: Munich, Germany

Applicant after: Siemens Transport Co., Ltd.

Address before: Munich, Germany

Applicant before: SIEMENS Mobile Ltd.

RJ01 Rejection of invention patent application after publication

Application publication date: 20160713